There are some good windows web proxies about. The only problem with them is they sometimes dont natively act as a transparent proxy. i.e. typically you’ll need to set your client machines to a specific IP and port.

I’ve used squid historically when setting up transparent proxies (mainly since it actually has a transparent mode) and this has worked well. Recently i thought i’d have a go at some of the windows solutions to see how they pan out.

netsh is going to be the tool to assist in this case. Here is a typical use for netsh;

netsh

>add v4tov4 listenport=80 connectaddress=127.0.0.1 connectport=8080

This should grab all traffic that hits your machine bound for port 80 and redirect to port 8080.

You’ll also need to make sure that routing is enabled, so your machine can act as a gateway between the requests and the real outbound gateway (typically your dsl modem)

Still my favourite light and fast web proxy is Squid. Its very easy to setup and get running on almost all flavours of linux. You can find it here http://www.squid-cache.org/ but will probably find it in your local package manager…

This is for more my own reference… as i don’t think too many people have the need for a transparent proxy. You only need one NIC configured on your VM / machine as its most probably on the same subnet as your dsl etc…

1. Setup squid working as a proxy first!

Set the default gateway on the NIC to your router. I also added a default route 0.0.0.0 sub 0.0.0.0 to the router also just in case the default route didn’t work. But seemed to!

Setup DNS! remember you should be able to resolve a name to an IP without issues (can cause most of the problems) Point your default DNS to your router (most have built in DNS forwarders), else you can just use your ISP’s DNS’s

2. Change the squid.config to have the necessary changes to act as a transparent proxy;

nano /etc/squid/squid.conf

http_port 3128 transparent

3. Put this into the startup script; (usually in rc.d under etc) rc.local

change ip_forward from 0 to 1 (usually a txt file somewhere with 0 in it), do a search and you will find it… most probably in the ipv4 directory. This way all 443 (https and other apps) can forward to the web without issue…